Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×

Trusted Or Treacherous Computing? 208

theodp writes "Just because Richard Stallman is paranoid doesn't mean Microsoft's not out to get you. For a hint about the possible end-game of Microsoft's Trusted Computing Initiative, check out the patent application published Thanksgiving Day for Trusted License Removal, in which Microsoft describes how to revoke rights to render based on 'who the user is, where the user is located, what type of computing device or other playback device the user is using, what rendering application is calling the copy protection system, the date, the time, etc.' So much for Microsoft's you-should-have-control assurances."
This discussion has been archived. No new comments can be posted.

Trusted Or Treacherous Computing?

Comments Filter:
  • by Old Man Kensey ( 5209 ) on Friday November 24, 2006 @05:27PM (#16978658) Homepage
    Anyone who has ever believed that Microsoft is genuinely on the consumer's side in any kind of licensing question is so naive they shouldn't be allowed out of the house without a minder.
    • by man_of_mr_e ( 217855 ) on Friday November 24, 2006 @05:31PM (#16978698)
      I think that, like many things, the reasons behind these ideas are well intentioned, but can be used for evil if not policed.

      There are a lot of good reasons to do the things Microsoft proposes. Stolen laptops, Malware, Leaked confidential information (think patient records, social security numbers, etc..). The problem is, of course, that most such technologies cut both ways.
      • by rbochan ( 827946 ) on Friday November 24, 2006 @05:55PM (#16978874) Homepage

        There are a lot of good reasons to do the things...

        Sorry, but I happen to think that's crap. Much like the government, whenever a controversial law/license is proposed, and its supporters, when confronted with an egregious abuse it would permit, use a phrase along the lines of 'Perhaps in theory, but the law would never be applied in that way' - they're LYING. They intend to use the law that way as early and as often as possible.

        Stolen laptops, Malware, Leaked confidential information (think patient records, social security numbers, etc..)

        Those situations would fall under the jurisdiction of law enforcement, not Microsoft.

        • Re: (Score:2, Funny)

          by Stanislav_J ( 947290 )

          Those situations would fall under the jurisdiction of law enforcement, not Microsoft.

          Once Billy Boy is President [theinquirer.net], they will be one and the same....

        • Re: (Score:2, Insightful)

          by cdrguru ( 88047 )
          Law enforcement? How? What law might you be considering?

          "Malware" isn't illegal. I know of no reasonable law that defines what this might be. Certainly lots of people are inconvenienced by it, but that is hardly justification for making writing software some kind of criminal offence. And any law that purports to make "malware" illegal is utterly unenforcable - do you really believe that some teenager in Romainia is going to be dragged into court in California for a single offence of this type?

          Leaking c
          • It is illegal for Americans to write strong encryption software (it is considered a munition). The DMCA also makes writing certain software illegal (but then again, it technically makes letter openers illegal). I can see classifying certain types of malware as "munitions".
            • by russ1337 ( 938915 ) on Friday November 24, 2006 @10:07PM (#16980846)
              Encryption was moved from the Munitions list to the Commerce list in 1996 "because of the increasingly widespread use of encryption products for the legitimate protection of the privacy of data and communications in nonmilitary contexts"

              "November 15, 1996: Encryption products that presently are or would be designated in Category XIII of the United States Munitions List and regulated by the Department of State pursuant to the Arms Export Control Act (22 U.S.C. 2778 et seq.) shall be transferred to the Commerce Control List,"

              http://www.fas.org/irp/offdocs/eo_crypt_9611_memo. htm [fas.org]
              • While that may be, it was (until Jan 2000) still illegal to import or export strong encryption software. I'm not sure where it stands now. Anyone?
          • Perhaps this law (Score:3, Informative)

            by ArielMT ( 757715 )

            Law enforcement? How? What law might you be considering?

            "Malware" isn't illegal. I know of no reasonable law that defines what this might be.

            Perhaps a little-known law called the Computer Fraud and Abuse Act of 1986 [wikipedia.org] (18 USC 1030 [cornell.edu]), reasonable or not, defines malware as illegal.

            And any law that purports to make "malware" illegal is utterly unenforcable - do you really believe that some teenager in Romainia is going to be dragged into court in California for a single offence of this type?

            Granted, t

            • by Dunbal ( 464142 )
              "Malware" isn't illegal.... ...Perhaps a little-known law called the Computer Fraud and Abuse Act of 1986 (18 USC 1030), reasona...

                    Damn, I heard the sound of the smack from here. I say - good show, old chap!
        • Those situations would fall under the jurisdiction of law enforcement, not Microsoft.

          If Microsoft can provide tools to resolve the situation faster and more effectively than law enforcement, what's wrong with that?

          • Re: (Score:2, Insightful)

            by timmarhy ( 659436 )
            microsoft aren't a public institution subject to control by the people, thats what.
          • by niiler ( 716140 )
            Tell you what... If this is as innocent as some of you are making out, then let's apply it in the manner of Lojack: [lojack.com]

            Customer: My computer has just been stolen, could you please disable it?
            MS Rep: What is your WGA license number, mother's maiden name, and favorite color?
            Customer: THX1138etc...
            MS Rep: Thank you. Your computer is now being disabled, tracked, and if not surrendered within 24 hours, it will self destruct (in the interest of security). Have a nice day!

            Personally, though, I think you all a

          • Re: (Score:3, Interesting)

            by grahammm ( 9083 ) *
            There is nothing actually wrong with Microsoft producing the tools. What is wrong is for Microsoft to use the tools. They should be producing the tools for use by law enforcement. Other companies and industries design and make tools for law enforcement to use, and do not use them themselves to enforce the law. So why should Microsoft not do the same rather than acting as vigilantes and taking the law into their own hands?
        • Those situations would fall under the jurisdiction of law enforcement, not Microsoft.

          Law Enforcement almost never solves them.
        • Sorry, but I happen to think that's crap. Much like the government, whenever a controversial law/license is proposed, and its supporters, when confronted with an egregious abuse it would permit, use a phrase along the lines of 'Perhaps in theory, but the law would never be applied in that way' - they're LYING. They intend to use the law that way as early and as often as possible.

          Looks like DRM was made for you, to prevent the unauthorized copying of other people's work! [google.com]

          • In all honesty, this dude might be a professional paranoiac with an easily google-able catchphrase, but you are a fool, a knave, a liar, and an enemy of liberty everywhere.\

            Anyone who knows jack or shit about law enforcement knows that they can, do, and will use every law and tactic available to prosecute whoever they think are the "bad guys".

            And that's not a slag on law enforcement - that's called "doing their jobs". Obviously, they can get overzealous. And do. And will.

            The point is that you give people power, and they will abuse it to the degree they are permitted . That's why Arlo Guthrie got busted for littering (when his real crime was being a dirty hippy), that's why Al Capone got nailed for tax evasion, that's why the Patriot act leads to waitresses on a plane thinking they can kick off breast-feeding mothers just because they feel like it, that's why we've got another 20 years of releasing the falsely convicted based on DNA evidence (too late for the wrongly executed), and it's why your flip attitude is functionally equivalent to saying "exterminate the jews? go ahead - if the authorities are against them, they must have done something!".

            And so anything - a new law, a new technical system - that isn't done with an eye to how it could be abused, well, it's foolish and ignorant and entirely predictable, and predictably the people who mean to fuck over everyone ignore these things as plainly as can be.

            You really need to study American history again if you don't get this shit by now. Our founding fathers understood this stuff, and that's why "checks and balances" are a part of our government (2000-2006 excepted). You know that scence in Pulp Fiction with the multi-way Mexican Standoff? That's how the US government is supposed to work; go too far, and you'll get blown away, because you can't take out all the other dudes.

            • Whoa, dude, chill out! The guy pointed out that the parent comment was apparently copied from somewhere else without attribution. How does that make him an enemy of liberty who needs to study American history?
            • Re: (Score:2, Offtopic)

              by El Cubano ( 631386 )

              Oh man, you were doing great right up until this part.

              You really need to study American history again if you don't get this @#$% by now. Our founding fathers understood this stuff, and that's why "checks and balances" are a part of our government

              Then you finish up with this:

              (2000-2006 excepted).

              You seriously think that getting around checks and balances is a new occurrence in the last six years? Let me say that you need to go back and study your American history.

              Let me refresh your memory on a

        • Sorry, but I happen to think that's crap. Much like the government, whenever a controversial law/license is proposed, and its supporters, when confronted with an egregious abuse it would permit, use a phrase along the lines of 'Perhaps in theory, but the law would never be applied in that way' - they're LYING. They intend to use the law that way as early and as often as possible.

          If you're going to quote another user's post [slashdot.org] verbatim, it's generally considered polite to include attribution.
        • by Antique Geekmeister ( 740220 ) on Friday November 24, 2006 @07:13PM (#16979524)
          It's worse than you imagine. There is no clear policy on who will obtain the master keys for Palladium or Trusted Computing signature authorities: as things stand, Microsoft will own and sell such authorities. New software signatures must be purchased. This effectively grants Microsoft tremendous access to other company's, or person's trusted keys, and makes installing your own personally created keys prohibitively difficult.

          This also provides BIOS and booatable hardware DRM, in order to control over booting systems. While such is good from a security standpoint, it means that with very trivial changes in hardware such as DRM-managed CD and DVD and USB devices, nothing other than a host-designated, signed Windows operating system will be able to boot the machine enough to install new keys and install a new OS. While the designer of such technologies may not envision such abuse, it's certainly within Microsoft's history of anti-competitive behavior to do this.
        • >>I think that, like many things, the reasons behind these ideas are well intentioned, but can be used for evil if not policed.

          I don't mean to pile on, but we're talking about Microsoft's WGA and other "friendly" technologies here. What part of it do you think is "well-intentioned"?

          And as far as "..can be used for evil if not policed." Just who do you think is doing the policing? As my parent put so aptly put it, using technical jargon, this is a "load of crap".
      • If you want to protect the user, you give the keys to the user (or let him chose them). No encription that hides the keys from you is there for your benefit.

        • Yes, since the user having the keys solves the problem. Not.

          Surveys have shown that users are willing to give out their passwords for a piece of chocolate. Cars are Hijacked every day, and the user just gets out of the car leaving the keys to the attacker. I'm not saying that a TPM chip is the best way to solve the problem, but merely putting it in the users hands doesn't solve much of anything.
          • by deathy_epl+ccs ( 896747 ) on Friday November 24, 2006 @07:10PM (#16979510)
            Yes, since the user having the keys solves the problem. Not.

            Surveys have shown that users are willing to give out their passwords for a piece of chocolate. Cars are Hijacked every day, and the user just gets out of the car leaving the keys to the attacker. I'm not saying that a TPM chip is the best way to solve the problem, but merely putting it in the users hands doesn't solve much of anything.

            I think the real problem here is the lengthening of the digital divide. The people who would benefit from these features are the people who would hand out their password for a chocolate crisp. These people might have some to lose from Treacherous Computing, but not as much as those who are smart enough to know better.

            I wonder if Microsoft is aware that they are driving away the technically savvy? Most of us who use Windows and have some tech savvy are the gamer audience and even though making the move back to running a Unix-derived OS of some sort will impact my primary use for my home computer, I am still starting to seriously plan for it. I wonder how many other gamers are thinking the same thing? I wonder if Microsoft has considered how much losing a big share of the gamer market will hurt them? It is my opinion that a significant chunk of the home market is Windows because that's what the games run on, and if game developers suddenly find it economical or desirable to port their games to different platforms, that could have a pretty significant impact on Microsoft's stranglehold on PC gaming.

            Of course, I'm probably just a statistical anomaly, but I like to hope I'm not... heheheheh

          • by Petrushka ( 815171 ) on Friday November 24, 2006 @08:41PM (#16980188)
            Surveys have shown that users are willing to give out their passwords for a piece of chocolate.

            Point of order: that is false. Surveys have shown that users were willing to give out things that they claimed were their passwords for a piece of chocolate.

          • What you are advocating is the digital equivalent of jailing the user "for his own protection." This is not appropriate, no matter what your intentions are! Don't you see that?

            The only reasonable method of security is to give the user the lock and the key, and let him use them as he sees fit. Anything else cannot ever serve the user's best interests, and anyone who claims otherwise is very likely a totalitarian fascist (in an empirical, rather than derogatory, sense).

      • by Penguin Programmer ( 241752 ) on Friday November 24, 2006 @08:05PM (#16979928) Homepage
        There are a lot of good reasons to do the things Microsoft proposes. Stolen laptops, Malware, Leaked confidential information (think patient records, social security numbers, etc..). The problem is, of course, that most such technologies cut both ways.


        To quote a co-worker, "technical solutions to non technical problems will only lead to insanity."

        Malware, stolen laptops and confidential information being leaked are not technical problems. They're social problems. Stop keeping confidential information in places where it can be leaked (i.e. on employees' laptops) and these problems go away. A technical solution is not called for.
      • Yes, that is what the new enterprise encryption is for. They (MS) say you can encrypt email to be self destructing as well as put encryption on documents with many of the restrictions in the patent. So Yes, there is a valid reason and I'm sure plenty of businesses that would love this tech.. then documents could not only be encrypted on disk but critical ones could self destruct if the laptop wasn't connected within a timeframe to the authenticating domain... pretty cool stuff. MS has their own reasons fo
        • So Yes, there is a valid reason and I'm sure plenty of businesses that would love this tech.. then documents could not only be encrypted on disk but critical ones could self destruct if the laptop wasn't connected within a timeframe to the authenticating domain... pretty cool stuff.

          So you think implementing Orwell's Ministry of Truth [wikipedia.org] is a good thing?!

    • by argoff ( 142580 ) * on Friday November 24, 2006 @05:31PM (#16978704)
      I saw it comming more than two years ago ... What DRM is REALLY REALLY REALLY about [slashdot.org]
    • by nurb432 ( 527695 )
      Or most any other corporation.

      Greed and control isnt monopolized by microsoft. Though they are one of the biggest holders by default due to their impact on most every part of society at this point.
  • For and against (Score:5, Insightful)

    by HomelessInLaJolla ( 1026842 ) <sab93badger@yahoo.com> on Friday November 24, 2006 @05:28PM (#16978674) Homepage Journal
    Since my laptop was stolen about five months ago I can appreciate the qualities of a system which could be used to at least cripple hardware which was stolen or otherwise suspect.

    As a realist, though, I cannot possibly trust that a large organization could implement this properly without willingly abusing it or unwillingly fscking it up.
    • Re: (Score:3, Insightful)

      by b0s0z0ku ( 752509 )
      Since my laptop was stolen about five months ago I can appreciate the qualities of a system which could be used to at least cripple hardware which was stolen or otherwise suspect.

      Why bother? Laptops are easily replaceable. It's the data that you have to worry about. Encrypt it and keep the keys on a device that's kept seperate from the laptop (USB key?) unless it's in use. Combine that with fingerprint scanning or other biometrics if you're really paranoid. And don't encrypt the partition or directo

    • by arose ( 644256 )
      If it can seriously cripple the hardware there is a chance it might bite you. And if it's easy fixed the thief will do it. Use encryption if you are woried about the data.
      • by Fred_A ( 10934 )
        Unfortunately you can't do this with users...

        "whine whine I've forgotten my password and can't get at my spreadsheet"
        "I reset your password last week already !"
        "well yes but It wouldn't let me set it to 1234 like I have on eBay and PayPal"
    • Since my laptop was stolen about five months ago I can appreciate the qualities of a system which could be used to at least cripple hardware which was stolen or otherwise suspect.

      And what makes you think MSFT would actually do that? How many stolen iPods do you think are out there? Apple can identify them uniquely but they won't shut them off or trace them as long as the new owners keep buying music. That's a little cynical, I'm sure that's not the only reason. But turning off hardware is a pretty ag

    • Let me make this perfectly clear to you: you DON'T NEED Treacherous Computing to do this! Every single thing you, as a user, could possibly want to do to protect your data is possible -- and easy, even -- with normal encryption, such as PGP.

      There is exactly one and only one thing that Treacherous Computing allows that other technologies do not: the ability to withhold your information from you. Does that sound like something you need or want? It doesn't to me!

  • Say what? (Score:5, Insightful)

    by Score Whore ( 32328 ) on Friday November 24, 2006 @05:31PM (#16978706)
    Or maybe it's just a way for them to manage licenses? Like you purchase a license to view a movie. They send you the .WMV and the license to view the file. You upgrade your computer and want to migrate all your purchases to the new machine. So you request to remove the license from the current system.

    Maybe someone should read the patent in question?
    • Re:Say what? (Score:5, Insightful)

      by no reason to be here ( 218628 ) on Friday November 24, 2006 @05:38PM (#16978758) Homepage
      Uhh, if i pay to download something--a movie, to use your example--i expect that i have the right to watch it on whatever device that i own and that i shouldn't have to ask for permission to move it from my desktop to my notebook. i don't want to pay for licenses. i want to pay for the movie, and then use that movie in a anyway that i please that is legal without having to ask for permission, and if that means you have to trust me that i won't do anything illegal with that movie, well boo-fucking-hoo. i haven't committed any crimes, so i don't want to be treated like a criminal.
      • by cdrguru ( 88047 )
        Problem is who gets to define what "legal" is?

        Most people nowadays believe it is quasi-legal to download and "share" music with the rest of the Internet-using world. If they aren't on a dialup connection, they may have downloaded a movie or two as well.

        Of course, all of this was illegal. Have these people been arrested? How is "Legal" supposed to be enforced? Trust? Yeah, right. Nobody since about 1830 relies on "trust" to stay in business. And I think that guy went bankrupt like he deserved.

        And "tru
        • Re:Say what? (Score:5, Insightful)

          by b0s0z0ku ( 752509 ) on Friday November 24, 2006 @07:31PM (#16979682)
          Of course, all of this was illegal. Have these people been arrested? How is "Legal" supposed to be enforced? Trust? Yeah, right. Nobody since about 1830 relies on "trust" to stay in business. And I think that guy went bankrupt like he deserved.

          Too late. The barn door is open. The horse is running free, halfway across the State. Locking it now ain't gonna help any.

          Content has become cheaper and easier to distribute. Just like when the printing press came out 500 years ago which removed the need for scribes - content creators will have to adapt or die. Book authors can adapt in one of several ways: release books in serial form with the understanding that if enough people don't pay for one chapter, the next one isn't coming out. Possibly a return to the idea of the literary magazine. Sure it can be pirated, but not quickly. Also it could even be free and supported with unobstusive advertising.

          Movie producers can write for the theatre, and people *will* pay to see live performances. People will also go to the movie theatres to see movies, and theatres can be policed pretty well as far as respecting copyright. Maybe there'll also be fewer inane movies that are made solely for money since there'll be less easy money in production.

          Musicians will still have live performances, concerts, etc. Perhaps tickets will be more expensive than today, but people will still go watch as they do now.

          I'm not saying that those changes are for the better, but like it or not, mass media as it has worked for the past 75 years or so is dead. Passing obtrusive laws and locking down computers will only delay the inevitable. There are two choices: adapt or die.

          -b.

        • Problem is who gets to define what "legal" is?

          Indeed, who the fuck do these publishers think they are, to restrict what I'm allowed to see, hear, and think?

      • if that means you have to trust me that i won't do anything illegal with that movie, well boo-fucking-hoo

        That's kind of like saying nobody should ever lock their house or car, because the neighbours aren't criminals dammit and if you have to trust me not to steal your stuff, well boo-fucking-hoo.

        What's that? You do lock your car? Well I can't say I blame you. There are untrustworthy people in the world, after all.

        • Locking your car is the equivalent of encrypting your data. This DRM crap is the equivalent of me selling you a car, but keeping the keys and making you ask permission and state your intended route every time you drive.

        • by arminw ( 717974 )
          .....That's kind of like saying nobody should ever lock their house or car......

          No, its like the building contractor locking my house and then telling me that unless I jump through whatever hoops he dictates to give me the keys, I should sleep under a bridge. Even after he/she gives the keys, it can be taken away again if I let the "wrong" people in.
    • by Tim C ( 15259 ) on Friday November 24, 2006 @05:39PM (#16978762)
      Maybe someone should read the patent in question?

      No, this is slashdot, where we read an inaccurate, third-hand interpretation of the abstract of a patent (not the claims), then check to see who it was granted to, and rubbish or support it based on that.
      • ...inaccurate, third-hand interpretation of the abstract...

        That's the same basis most Americans (who do) vote, base their vote on...

        I don't get it. Why is there a moderation called "Funny", but no moderation called "Sad"?

    • Re:Say what? (Score:4, Insightful)

      by Anonymous Coward on Friday November 24, 2006 @06:03PM (#16978934)
      Yeah, I think it's a great idea that when I purchase content, I have to jump through bureaucratic hoops to view it. Since this will be the first ever DRM scheme that is unhackable, the pirates will finally be stopped. The noble content providers will finally see a profit from all of these movies and songs that they created, and all I have to do in order to view "You, Me, and Dupree" in glorious high rez is buy a new monitor, a new operating system, and a new computer, and then waste a bunch of my free time messing around with their cumbersome protections. Hallelujah!

      I think I'd rather go to the library and read a freakin book, for free, before they find a way to DRM paper.

      The only think lamer than M$ is an M$ apologist... I really can't understand why you'd spend any effort sticking up for them. You just enjoy having your rights restricted? You enjoy getting less for your money? You actually believe that this nonsense will slow the pirates down for even a second? It won't. It will just inconvenience millions of honest people. It's the digital equivalent of getting felt up by an airport security goon, all in the name of stopping "the terrorist".

      I truly pity you, and your abject servility to a faceless and uncaring authority.
  • by quiberon2 ( 986274 ) on Friday November 24, 2006 @05:37PM (#16978756)
    We have had 'certificate revocation' schemes in things like Distributed Computing Environment for a while.

    If you believe your password has been compromised, or your PIN had become known to someone else, then for 'high-value' systems you need to be able to administratively indicate that any 'authority to behave as you' is not to be believed any more.

    The 'personal' computing market is splitting.

    If you inflict this kind of feature on a lawyer, doctor, or engineer, who is trying to go about their professional work, you cause loss and damage and you get your product thrown out post-haste as unfit for purpose. Lawyer, doctor, and engineer have plenty of money and need the top-grade service.

    If you give someone a cheap deal on a Star Wars DVD because of them being willing to accept the possibility that their permission to view it might disappear unexpectedly, then that's rather like having a 'standby list' of people who might or might not be able to get on a plane at cheap prices according as whether the plane fills up with full-price passengers.

    • If you inflict this kind of feature on a lawyer, doctor, or engineer, who is trying to go about their professional work, you cause loss and damage and you get your product thrown out post-haste as unfit for purpose. Lawyer, doctor, and engineer have plenty of money and need the top-grade service.

      HAH! I wish engineers (can't speak for doctors or lawyers) understood that! But unfortunately, even the most well-educated ones are functionally illiterate in terms of understanding the implications of proprietary

  • It stops anyone else from trying it.
  • Since when is Richard Stallman paranoid?
  • by epp_b ( 944299 ) on Friday November 24, 2006 @06:27PM (#16979116)

    Of course it's "treacherous", not "trusted". It's about taking control away from the owner, the user; and giving it to a remote entity. Hasn't it always been?

    Clear evidence of this comes to light when you think closely about the proposed "Owner Override" feature that would effectively disable an onboard TPM chip...or maybe not, depending on whether or not we're being lied to about that.

    First off, if this feature is really everything we're told it is -- that it really disables the TPM chip -- then what is the entire point of this? To have software, music and video vendors build their content around a supposedly "unbreakable" remote control scheme in their power...only to be broken by a built-in flick-of-a-switch feature?

    And if we are being lied to about "owner override", then it's clear there is something they want to maintain hidden from us.

    Either way, it won't work. Somewhere on the motherboard, between the keyboard and the hard drive, if you will, data must be unencrypted. You just can't keep something that is exclusively mine and in my possession, a secret from me!

    • Re: (Score:2, Informative)

      by Anonymous Coward

      No... it doesn't work that way. When you disable the TPM, it really is disabled. It's just that your machine and its software can no longer remotely attest to its configuration -- meaning that it can no longer report that the hardware is intact and that you are running SPECIFIC code. In that case, the remote server will refuse to send any content. This is the essence of DRM.

      In future, once the plans for these TPMs have reached fruition, you will not be able to connect to the internet (because the ISP will

      • "In future, once the plans for these TPMs have reached fruition, you will not be able to connect to the internet (because the ISP will insist on a trusted connection) if you disable the TPM.

        Well what if you have a DSL router that has a TPM chip but your PC doesnt? Can you get round it that way?
    • Re: (Score:3, Informative)

      The Trusted Computing tools are already planned for inclusion in the next generation of both Intel and AMD CPU's. There's no chip to turn off: it will be a CPU feature that may or may not be de-activated on request, but getting the system booted far enough to turn the feature may require access to an authorized software tool itself. And hardware such as DVD's, CD's, USB sticks, and hard drives are clearly planned to include Trusted Computing access control. That can help prevent unauthorized users from usin
  • I am serious, but then I do not use Windows.
  • by Catbeller ( 118204 ) on Friday November 24, 2006 @06:36PM (#16979196) Homepage
    Stallman is not a paranoid. He is a cynic, and an accurate one. He merely rips away all the happytalk and states the problem in stark terms. That's not paranoia, which is a loaded term come to be used by PR masters to smear opponents. That and "conspiracy theorist".

    Stallman and I are old enough to remember how Microsoft has comported itself for a quarter century. They are consistent liars and cheats, and pointing this out is just a service to the yunguns who don't even remember MS criminally falsifying video evidence -- and getting caught red-handed, too -- at the monopoly trial. IF you or I had done that, we'd still be in federal prison. MS just had a president dump their criminality into the shredder, and then made even more monopoly money.

    They perform no action idly. They've a plan, and it involves killing competition and keeping all the money in the world for themselves. It's a mission statement.
    • Re: (Score:2, Interesting)

      by UncleOwl ( 1016926 )
      I completely agree with the parent. I am that old too - but it took some time. Actually I remained a cluelessly happy MS user until having to compile and teach a course on various IT issues including its history (was back in 2000). Digging into the books and websites for course materials, I unearthed so much stinky stuff about a certain corporation and their typical practices that it made me sick. Thankfully, in those days Stardivision released their StarOffice 5.1 and 5.2 which along with Mandrake (6.1?) g
  • I had a dream that Microsoft consorted with Cisco, Sun, Comcast and Intel to REQUIRE a trusted computer to access Internet2. It was billed as the only way to bring "law and order" to the wild west of the 'net.

    Silly dream? *shrugs*
    • What a coincidence.....

      I bet there's a number of other people that have had the same dream. I just wish there was a way to make it stop. Because I keep having it over and over again. Each time a little further along then the last.

      Too bad, because it (your fellow citizen's freedom) will be sold for the right price.

      Today's lesson: Freedom is for sale for about $2 less than the going price.
  • Here is the description from the patent that describes what it's for:

    [0013] It is to be appreciated that from time to time the user, the computing device 14, the trusted component 18, or another entity (hereinafter, the client) may wish to remove a license 16 from use in connection therewith. For example, it may be the case that the client no longer wishes to render the corresponding content 12, or that the client wishes to transfer the license 16 to another client. Although the client could merely remove t

    • by arminw ( 717974 )
      .....So the main idea is to have a way that the client software (such as WMP) can notify the license server that the license (i.e. decryption keys, etc) is being deleted from a particular machine......

      Could this be the real reason why MS doesn't want their VISTA to run in a virtual machine? Virtualization allows anyone to make an end run around all DRM and activation schemes.
    • It's a normal and reasonable part of an overall DRM system.

      A "normal and reasonable part" of an inherently unreasonable system? I'd say that makes it unreasonable itself!

      It doesn't really have anything to do with Trusted Computing Group (aka TCPA) style Trusted Computing, rather they mean that the server trusts the client (just as Apple trusts iTunes).

      Well, except that Treacherous Computing is the mechanism to authenticate the machine and make the whole system "work," that is...

  • I may be redundant here, but the EFF article [eff.org] looks great. It is long though, but I just want to post this to encourage you reading it all. It may prevent a couple of misconceptions. (it did for me)
  • It is very simple (Score:5, Insightful)

    by DrJimbo ( 594231 ) on Friday November 24, 2006 @06:46PM (#16979310)
    When the user/owner controls the keys it really is trusted computing. When someone other than the user/owner controls the keys then it is treacherous computing. Unfortunately, perhaps for marketing reasons, Microsoft does not use these definitions.

    And for the record, Richard Stallman is very good at foreseeing problems way before other people, but that does not make him paranoid, just foresightful.

  • by bitspotter ( 455598 ) on Friday November 24, 2006 @06:52PM (#16979360) Journal
    The TCPA and TCG technical specifications define what it means to be an "owner" of a device, to "take ownership" of a device. The ability to revoke features on device like this if you, the consumer who purchased the device (the "owner" in the legal sense) is not really problematic. It's a useful feature, in case, eg, your device is stolen.

    The problem , of course, comes when you buy or rent a Trusted Computing device from a vendor who has previously "taken ownership" of the device before your purchase, in the technical sense put forth in the spec. If you're renting it, then it's legally the property of the vendor, and they have every right to control of their property. But if you purchase a device outright, there's no excuse for a vendor to retain ownership in the technical sense if they have ceded it to you in the legal one. This is the Crux of all the "evil" potential that Trusted Computing has. If the consumer is the owner, there's not much vendors can do to be evil with it.

    The features of Trusted Computing devices work, and they are genuinely useful - but they only serve the "owner" of the device. It is our responsibility to demand full ownership of our devices (and not to settle for "rented" equipment, in the technical sense or the legal one).
    • You've almost got it, but not quite.

      The "take ownership" feature in the TC spec only establishes a secondary digital key for the owner of the hardware. The "root of trust" or "attestation" key is embedded when the TPM (TC chip) is manufactured and it is never subject to control by the eventual owner of the hardware.

      By saying that retention of ultimate control by an outside party, by means of their posession of a key mathematiclly related to the one in the chip, together with the hardware owner's inability t
  • With all of the lock down that they have?
    *You can only use our phones
    *You must pay for a data plan to the get discount on that phone
    *You can only use apps that you buy at our store
    *Our phones are locked to our network
    *We force updates on to you
    *We lock out things on your phone to force you to use our network to use them
    aka get photos off of the phone
    *We have a download limit on our unlimited data plan
    and so on?
    • Probably they do.

      But there are countermeasures against locked phones, as there will be here. Either buy a phone direct from the manufacturer and insert your SIM (only a few hundred $), buy a used unlocked phone, or use a cell phone unlocking service.

      -b.

      • Of course, those "countermeasures" certainly haven't made the industry any less fucked up! I don't know about you, but I'd rather prevent these assholes from trying to enslave me in the first place. Talking about "countermeasures" is counterproductive.

  • about this issue eh ?

    BEFORE you push such hardware/software out, its remedy will be already being downloaded for hundreds of thousands via p2p.

    fucking morons. you still havent been able to understand it - you cant control INFORMATION.

    Ill speak rather philosophically so that some clueless b.a. graduates at microsoft maybe might be able to understand what is going on :

    By the esoteric nature of it, information/knowledge WANTS and NEEDS FREE flow, and it flourishes and grows in such an environment.
  • Come on. At least *try* to read the thing.

    This patent is NOT for a remote entity to revoke a license. It's for the *client* (the USER) to revoke a patent in such a way that the remote service is assured that the license really has been removed.

    If you want to "return" content that you bought or you want to transfer content to another machine, this allows you to do that.

    In addition, this is standard DRM stuff. People might not like DRM (I don't particularly like DRM), but this particular patent allows a us
    • Tell the server that you're no longer authorized so you can move your license, then hit the rewind button in VMWare =)

      Melissa
      • by Dr. Blue ( 63477 )
        Now *that* is where the trusted computing stuff can come in. With a system that correctly uses a TPM, the system can tell whether it's running in a VM or not - can't do that with any sort of assurance without hardware support...

        No doubt that if "trusted computing" takes off, Microsoft will not allow DRM-protected media to be played inside a VM - whether you have the "ultimate" license that allows VMs for the basic system or not.

        • No doubt that if "trusted computing" takes off, Microsoft will not allow DRM-protected media to be played inside a VM - whether you have the "ultimate" license that allows VMs for the basic system or not.

          Which, again, is entirely missing the point: it's not about whether Microsoft will or will not allow something; it's that Microsoft has no right do dictate the decision!

    • This patent is NOT for a remote entity to revoke a license. It's for the *client* (the USER) to revoke a patent in such a way that the remote service is assured that the license really has been removed.

      Wow, you fell for the bullshit hook, line and sinker! What you fail to realize is that it doesn't matter who does the revoking, because the entire concept of requiring a "license" for a user to access his own data is insane!

      Sadly, the DRM overlords have probably already won -- they've beaten people like yo

  • The last straw (Score:2, Interesting)

    by leeosenton ( 764295 )
    This whole saga has been the final straw for me. I have kept a working install of Linux or BSD for several years, but always needed Windows for something. No more. I have rebuilt my system and shifted to Linux for all home computing. I have always wanted to switch, but never got around to solving each of the minor speed bumps that came along. It was just easier to boot Windows and do what I needed to do. When I wanted to play, I would boot Linux and tinker away. No more. I am completely switched and have re
  • There is no such thing as "Trusted Computing". There are only degrees of untrusted computing.
    • ...but it's not. It's deliberate, calculated, evil terminology designed to mislead the computer using masses into giving up their rights. It's doublespeak [wikipedia.org], and it's the best example of it I've seen in the last decade (and that includes things like "homeland security"). It's a damn shame that not enough people have read 1984 (or at least The Right to Read [gnu.org]) in order to recognize it as such and have society reject it wholesale!

      • It's deliberate, calculated, evil terminology designed to mislead the computer using masses into giving up their rights.

        And what organization is better suited to the task than Microsoft ... not that the current Administration is any better.
  • "Just because Richard Stallman is paranoid doesn't mean Microsoft's not out to get you."

    When it comes to Microsoft - I know I'm being paranoid, the question is, Am I being paranoid enough?

To thine own self be true. (If not that, at least make some money.)

Working...